SpiderLabs Blog

We've just released a new version (4.38) of Corsigs for users of Trustwave Web Application Firewall (WAF) version 7.0. These new rules help protect users' web applications against malicious traffic targeting the vulnerabilities listed below.

Release Summary

WordPress Privilege Escalation (CVE-2015-5623)

A privilege escalation vulnerability in newer versions of WordPress allows a user with the Subscriber role to gain the ability to modify, create and delete posts. This vulnerability might be exploited in combination with other critical vulnerabilities.

WordPress SQL Injection (CVE-2015-2213)

This vulnerability might be exploited in combination with the privilege escalation vulnerability CVE-2015-5623 mentioned above. Through an unfiltered input parameter, a WordPress user who has gained privileges can execute arbitrary SQL statements.
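The two issues above are the classic pairing of a missing authorization check and an unparameterized query. The following added example, written for this post and not taken from WordPress core, from the code affected by either CVE, or from Trustwave's Corsigs rules, shows the insecure pattern next to the hardened form in a hypothetical plugin. The `demo_` function names, the AJAX action names and the `demo_search_posts` nonce action are assumptions chosen for illustration; the WordPress API calls (`check_ajax_referer`, `current_user_can`, `$wpdb->prepare`, `$wpdb->esc_like`, `wp_update_post`) are real.

```php
<?php
// Added illustration (not WordPress core, not the CVE code): insecure vs. hardened
// AJAX handlers in a hypothetical plugin. Function and action names are assumptions.

// --- Insecure pattern: no nonce, no capability check, raw input interpolated into SQL.
// Any logged-in user (a Subscriber included) reaches this handler, and the `term`
// parameter is never filtered before it lands inside the query string.
function demo_insecure_search_posts() {
    global $wpdb;
    $term = $_POST['term'];                       // unfiltered user input
    $sql  = "SELECT ID, post_title FROM {$wpdb->posts} WHERE post_title LIKE '%{$term}%'";
    wp_send_json( $wpdb->get_results( $sql ) );  // arbitrary SQL reaches the database
}
add_action( 'wp_ajax_demo_search_posts_insecure', 'demo_insecure_search_posts' );

// --- Hardened pattern: verify the request origin, verify the capability, then
// bind every user-controlled value through $wpdb->prepare().
function demo_secure_search_posts() {
    global $wpdb;

    // Rejects the request (HTTP 403) if the nonce is missing or invalid.
    check_ajax_referer( 'demo_search_posts', 'nonce' );

    // Subscribers do not hold edit_posts, so the escalation path is closed here.
    if ( ! current_user_can( 'edit_posts' ) ) {
        wp_send_json_error( 'insufficient privileges', 403 );
    }

    $term = isset( $_POST['term'] ) ? sanitize_text_field( wp_unslash( $_POST['term'] ) ) : '';

    // esc_like() neutralises % and _ wildcards; %s/%d placeholders bind the values.
    $like = '%' . $wpdb->esc_like( $term ) . '%';
    $sql  = $wpdb->prepare(
        "SELECT ID, post_title FROM {$wpdb->posts} WHERE post_title LIKE %s LIMIT %d",
        $like,
        20
    );
    wp_send_json_success( $wpdb->get_results( $sql ) );
}
add_action( 'wp_ajax_demo_search_posts', 'demo_secure_search_posts' );

// --- Hardened write path: a per-object capability check (edit_post with the post ID)
// rather than a role name, so a user can only change posts they are allowed to edit.
function demo_secure_update_title() {
    check_ajax_referer( 'demo_search_posts', 'nonce' );

    $post_id = isset( $_POST['post_id'] ) ? absint( $_POST['post_id'] ) : 0;
    if ( ! $post_id || ! current_user_can( 'edit_post', $post_id ) ) {
        wp_send_json_error( 'insufficient privileges', 403 );
    }

    $title  = isset( $_POST['title'] ) ? sanitize_text_field( wp_unslash( $_POST['title'] ) ) : '';
    $result = wp_update_post(
        array( 'ID' => $post_id, 'post_title' => $title ),
        true  // return WP_Error instead of 0 on failure
    );
    if ( is_wp_error( $result ) ) {
        wp_send_json_error( $result->get_error_message(), 400 );
    }
    wp_send_json_success( array( 'ID' => $result ) );
}
add_action( 'wp_ajax_demo_update_title', 'demo_secure_update_title' );
```

The ordering in the hardened handlers matters: the nonce and capability checks run before any input is touched, and the database only ever sees values bound through placeholders. A WAF rule such as the Corsigs signatures described in this post is a compensating control in front of code like the insecure handler; it does not replace fixing the handler itself.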

How to Update

No action is required of customers that run version 7.0 of Trustwave Web Application Firewall and subscribe to the online update feature. Their deployments will receive the update automatically.

Note that even if blocking actions are defined for a protected site, simulation mode for these rules is ON by default so that site managers can inspect the impact of the new rules before actually blocking the relevant traffic. If you would like to activate blocking actions for these rules, update the Actions for each signature in the Policy Manager.